CVE-2024-21126

CVSS 3.1 Score 5.8 of 10 (medium)

Details

Published Jul 16, 2024
Updated: Jul 17, 2024

Summary

CVE-2024-21126 is a vulnerability affecting the Oracle Database Portable Clusterware component of Oracle Database Server. Versions 19.3-19.23 and 21.3-21.14 are vulnerable to this easily exploitable issue. An unauthenticated attacker with network access via DNS can exploit this flaw, potentially compromising Oracle Database Portable Clusterware. This vulnerability may also significantly impact other products (scope change). Successful attacks can lead to a partial denial of service (partial DOS) of Oracle Database Portable Clusterware, with a CVSS 3.1 Base Score of 5.8 for availability impacts. The CVSS Vector is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L).

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Oracle Database Server

Affected Vendors

  • BonqDAO